How do you go about securing ports in Windows

February 2, 2011 at 20:06:32
Specs: Windows
I have been trying to learn about securing the ports in Windows XP/Vista/7, any advice is welcome.

See More: How do you go about securing ports in Windows

Report •


#1
February 2, 2011 at 21:36:01
Hi heres some sites to read through, hope they help?
WindowsXP
http://www.networktutorials.info/pa...

Windows Vista
http://www.techrepublic.com/article...

Windows7
http://www.thewindowsclub.com/how-t...

General Windows firewall rules.
http://support.microsoft.com/kb/832017
Read through these, there are loads of sites that have info.

These three will test your ports to see whats open and visible.
http://www.pcflank.com/
https://www.grc.com/x/ne.dll?bh0bkyd2
http://www.auditmypc.com/


Report •

#2
February 3, 2011 at 07:54:13
This site contains the answer to what your looking for. :)

http://www.jproctor.net/virus/


Report •

#3
February 3, 2011 at 11:36:35
Thanks for your reply mrgoodguy.

On a Windows XP Professional machine used for small business I run netstat -an and show that ports 135, 139, and 445 are listening. I also show ports 137 & 138 but can't tell whether they are listening. From what I've gathered these are ports that usual make sense to secure when hardening a system, but having trouble finding specific advice on the Web and only that they are often attacked. You know much about these?

I have used GRC's Shields UP and also Symantec's Online Security Check, but if you have a router with built-in firewall won't these checks actually be taking place at the router and not the actual machine? Nonetheless, I am trying to learn about both using the firewall at the router and on the local machine. Now I know that some say that you are good with only utilizing the firewall at the router and you can actually turn off the firewall on the local machine, but for now I am interested in learning about both and will later decide whether I will run both or not. Besides, if the machine happens to be a laptop it will eventually be taken and used on a public wifi network whereby the personal firewall will definitely be needed, so I feel I need to understand how to secure both.

Any guidance or input is appreciated.


Report •

Related Solutions

#4
February 3, 2011 at 13:07:04
thanks for your reply J77P1, but I guess I'm looking for something more advanced

Report •

#5
February 3, 2011 at 13:32:57
I run my pc through a router with built in firewall, but use my AV softwares firewall as my main firewall. My AV software lets me know when I have had a attempted attack 31 blocked since Dec, so that means the router firewall is less than effective.
The ports you talk of can be checked with your AV provider if its ok to block them. As some are needed for general internet access, microsoft updates etc. You need to find out what each one does.
One of the firewall port check links I gave you will tell you whats open or visible, but you need to search online as to what the port does?
Its no good blocking all ports as you won't be able to get online.

Report •

#6
February 3, 2011 at 13:53:56
I know for sure 137 & 138 have to be left open, as I have just been through the same questions with my AV provider.
http://en.wikipedia.org/wiki/List_o...
This link gives general port use descriptions, see if that helps?

Report •

#7
February 4, 2011 at 17:27:13
Did they explain why they have to be left open?

Report •

#8
February 4, 2011 at 20:01:16
port 135 Microsoft-RPC locator service.
port 137 netbios-ns
sorry I forget what port 138 was, your AV provider will have the info you seek.
Like I said its to do with basic internet functions. If you close them you won't get microsoft updates and or access the internet at all. I gave my AV provider the numbers of all open/visible ports and they gave a few examples. They also said the rest of the ports on my list were ok.
So what you need to do is use the site link I gave you to check whats open and write the port numbers down, the get in touch with your AV provider asking if they should be blocked or left open? Or google each one.

Report •

#9
February 5, 2011 at 11:10:37
I'm curious, why do you feel that a person's AV provider is someone to talk to regarding ports on your machine? I use free AV software anyways, so I am just not seeing how it would be their responsibility to help me address/secure the ports on my computer as ports has more to do with the firewall than the AV software that a person uses.

I've already ran tests that you mention, but if you have a router with a built in firewall so these tests are going to run at this piece of hardware, whereas, I am interested in addressing the ports on my local machine (at the personal firewall).

I do appreciate you trying to help though.


Report •

#10
February 5, 2011 at 12:27:53
The AV providers work with firewalls everyday and know exactly what each port is? I gave you a link that lets you decide for yourself what each port is? And Its your responsibility to secure your own pc, no one elses.
The scans will check your systems firewall not your routers, you have to go through your router to change its settings.
If you are running a AV program without a built in firewall (ie Windows) then your AV provider won't be much help.
Good luck.
You will have to google it if that still doesn't help.

Report •


Ask Question